Lucene search
K

103 matches found

Chainguard
Chainguard
added 5 days ago7 views

GHSA-9VCR-P3RJ-Q5Q6 vulnerabilities

Vulnerabilities for packages: trivy, tkn, ratify, trivy-operator, tekton-chains-fips, cloudbeat-fips, docker-fips, zarf, kubescape-server, gitsign, trivy-fips, falcoctl-fips, crossplane-fips, tekton-chains, cloudbeat, kubescape, neuvector-sigstore-interface-fips, kyverno-fips, ratify-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.6 views

GHSA-47Q9-M4WW-924M vulnerabilities

Vulnerabilities for packages: ko-fips, slsa-verifier, tkn, ratify, trivy-operator, tekton-chains-fips, cloudbeat-fips, spire-server, docker-fips, zarf, kubescape-server, ko, gitsign, falcoctl-fips, crossplane-fips, tekton-chains, cloudbeat, kubescape, neuvector-sigstore-interface-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.5 views

CVE-2026-48702 vulnerabilities

Vulnerabilities for packages: ko-fips, slsa-verifier, tkn, ratify, trivy-operator, tekton-chains-fips, cloudbeat-fips, spire-server, docker-fips, zarf, kubescape-server, ko, gitsign, falcoctl-fips, crossplane-fips, tekton-chains, cloudbeat, kubescape, neuvector-sigstore-interface-fips,...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/06/26 8:22 p.m.7 views

GHSA-45GG-VH54-H5M9 vulnerabilities

Vulnerabilities for packages: zarf, argo-workflows-fips, prometheus-operator, flux-source-controller, nerdctl, cloud-provider-aws, omnictl-multiarch, zitadel, trivy-operator-fips, knative-kafka-broker, opentofu-fips, rancher-agent, gitea-fips, kubescape-server-fips, tekton-pipelines, harbor, isti...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.8 views

GHSA-W879-237Q-WC7R vulnerabilities

Vulnerabilities for packages: kubescape, argo-cd, helm, kubernetes-dashboard, chezmoi, guac, rancher-agent, act, fscrypt, cert-manager, splunk-otel-collector, vault-benchmark, crossplane-provider-azure-sql, cilium-cli, docker-machine-driver-harvester, flux-source-controller,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.10 views

GHSA-X527-X647-Q7GG vulnerabilities

Vulnerabilities for packages: kubescape, argo-cd, k9s, helm, kubernetes-dashboard, knative-serving, prometheus, rancher, gitea, trivy-operator, nerdctl, rancher-agent, kine, fscrypt, cilium, prometheus-operator, spire-server, chisel, telegraf, cert-manager, aactl, skaffold, argocd-image-updater,...

6.1AI score
Exploits0
Wolfi
Wolfi
added 2026/06/26 8:22 p.m.6 views

GHSA-JPPX-RXG9-JMRX vulnerabilities

Vulnerabilities for packages: argo-cd, helm, kubernetes-dashboard, knative-serving, prometheus, rancher, nerdctl, rancher-agent, kine, fscrypt, cilium, prometheus-operator, spire-server, telegraf, cert-manager, aactl, external-dns, flux, minio, teleport, snyk-cli, cilium-cli,...

6.1AI score
Exploits0
OSV
OSV
added 2026/06/08 3:7 p.m.25 views

CLEANSTART-2026-NT30039 Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-33811, CVE-2026-33814, CVE-2026-33816, CVE-2026-34986, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-41889, CVE-2026-42499, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-4659, CVE-2026-46595, CVE-2026-46597, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-846p-jg2w-w324, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-jqc5-w2xx-5vq4, ghsa-whqx-f9j3-ch6m, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.13.3-r0, 1.14.1-r0, 1.14.1-r1, 1.14.1-r2, 1.14.5-r0, 1.14.5-r1

Multiple security vulnerabilities affect the spire-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS5.5AI score0.00901EPSS
Exploits3References80
OSV
OSV
added 2026/06/08 2:1 p.m.14 views

CLEANSTART-2026-EA12165 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-26958, CVE-2026-27136, CVE-2026-27139, CVE-2026-27142, CVE-2026-27145, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-33816, CVE-2026-34986, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-42499, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-846p-jg2w-w324, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-jqc5-w2xx-5vq4, ghsa-pmwq-pjrm-6p5r, ghsa-whqx-f9j3-ch6m, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.14.1-r0, 1.14.1-r1, 1.14.1-r2, 1.14.1-r3, 1.14.1-r4, 1.14.5-r0, 1.14.5-r1

Multiple security vulnerabilities affect the spire-server package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.8AI score0.01557EPSS
Exploits2References93
OSV
OSV
added 2026/06/08 2:0 p.m.16 views

CLEANSTART-2026-IH16568 Security fixes for CVE-2025-15558, CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-25680, CVE-2026-25681, CVE-2026-26958, CVE-2026-27136, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33811, CVE-2026-33814, CVE-2026-33816, CVE-2026-34986, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39824, CVE-2026-39825, CVE-2026-39826, CVE-2026-39827, CVE-2026-39828, CVE-2026-39829, CVE-2026-39830, CVE-2026-39831, CVE-2026-39832, CVE-2026-39833, CVE-2026-39834, CVE-2026-39835, CVE-2026-39836, CVE-2026-39984, CVE-2026-42499, CVE-2026-42502, CVE-2026-42506, CVE-2026-42508, CVE-2026-46595, CVE-2026-46597, CVE-2026-46598, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-846p-jg2w-w324, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-jqc5-w2xx-5vq4, ghsa-whqx-f9j3-ch6m, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.13.5-r0, 1.13.5-r1, 1.14.1-r0, 1.14.1-r1, 1.14.1-r2, 1.14.1-r3, 1.14.1-r4

Multiple security vulnerabilities affect the spire-server package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.01557EPSS
Exploits2References90
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7314

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

7.5CVSS7AI score0.0041EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.9 views

CVE-2026-7315

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/14 6:58 a.m.23 views

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

8.9CVSS6.9AI score0.02667EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/14 6:54 a.m.25 views

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

8.9CVSS6.8AI score0.02667EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/14 6:50 a.m.20 views

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

8.9CVSS6.9AI score0.02667EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/14 6:38 a.m.23 views

Important: Red Hat Security Advisory: zero trust workload identity manager for Red Hat OpenShift 1.0.1

zero trust workload identity manager for Red Hat OpenShift 1.0.1 The Zero Trust Workload Identity Manager ZTWIM is a day-2 operator. The operator manages lifecycle of operand components from SPIRE project. The goal of ZTWIM is to provide secure, verifiable workload identities for workloads in...

8.9CVSS6.8AI score0.02667EPSS
Exploits0References3
Chainguard
Chainguard
added 2026/05/06 7:17 p.m.14 views

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: gotrue, gitness, envoy-gateway-fips, peerdb-flow, vault-fips, seaweedfs-fips, grafana, argo-workflows-fips, bento-fips, cloudnative-pg-fips, zitadel, temporal-fips, rke2-cloud-provider-fips, cloudprober-fips, amass, kube-bench, harbor, teleport, seaweedfs-rocksdb,...

9.8CVSS6.1AI score0.00356EPSS
Exploits0
NVD
NVD
added 2026/04/28 10:16 p.m.13 views

CVE-2026-7314

A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function getdocpath of the file src/spiredocmcp/api/base.py. Performing a manipulation of the argument documentname results in path traversal. The attack can be initiated remotely. The exploit is now public and...

7.5CVSS0.0041EPSS
Exploits0References5
NVD
NVD
added 2026/04/28 10:16 p.m.6 views

CVE-2026-7315

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

7.5CVSS0.0041EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 8:0 p.m.15 views

CVE-2026-7315

The CVE affects eiceblue spire-pdf-mcp-server v0.1.1 (PDF File Handler, get_pdf_path). A flaw allows path traversal via a manipulated filepath, enabling a remote attack. Exploit has been published; the project was informed early via an issue but has not responded. No remediation or patch version ...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References5
Rows per page
Query Builder